<?php
/* explain:		user login
 * Project:     aitony
 * File:        login.php
 *
 * @ link 		http://www.../admin/
 * @ Email		ldmmyx@hotmail.com
 * @ copyright 	2005  Ling Deming
 * @ author 	Ivan.ling
 * @ version 1.0
 */

/*----- import modules -----*/
//include_once ("../configure/configure.php");		//-- global var
include_once ("./configure/admin.config.inc.php");	//-- local var
include_once("Smarty.class.php");					//-- out template
include_once ("Users.php");							//-- user
include_once ("Session.php");						//-- Session
include_once ("Logs.php");							//-- logs

/*----- instance -----*/
$ins_user		= new Users(0);					//-- user
$ins_session	= new Session();				//-- session
$ins_log		= new Logs(0);					//-- logs

if($ins_session->getLanguage() == "zh-CN"){
	include_once("zh-CN.inc.php");	//--> zh_CN
}else{
	include_once("en-US.inc.php");	//--> us_EN
}

if(isset($_POST['username'])){
	$username = $_POST['username'];
	$password = $_POST['password'];

	$arrUserData = $ins_user->getFromName($username);

	if($username == '')
		$error_message = "the login name was empty.";	//-- login name was empty
	else if($password == '')
		$error_message = "the login password was empty.";	//-- login password was empty
	else if(!is_array($arrUserData))
		$error_message = $username." the login name was invalid.";
	else if($arrUserData['status'] != 'normal') {//-- check use status
		switch($arrUserData['status']){
			case 'stop' :  $error_message = $username." the login name be stoped.";	break;
			default  : 	$error_message = $username."  was invalid.";	break;
		}
	}else if($arrUserData['password'] != md5($password)){
		$mixback = $ins_log->funGetLoginLogTmp($username);
		if(is_array($mixback)){
			if(time() - strtotime($mixback['logintime']) > TIME_SPACE){
				$ins_log->funModLoginLogTmp($username, date("Y-m-d H:i:s"),1);
				$error_message = 'the login password of '.$username. ' was invalid.';
			}else{
				if($mixback['logincount'] >= LOGIN_LIMIT_COUNT)
					$error_message = $username." try to login more times with error password. System will pause this login name for a day.";
				else{
					$ins_log->funModLoginLogTmp($username, $mixback['logintime'], $mixback['logincount'] + 1);
					if($mixback['logincount'] < 3)
						$error_message = 'the login password of '.$username. ' was invalid.';	//
					else
						$error_message = $username." use error password to login ".$mixback['logincount']." times. You has ".(LOGIN_LIMIT_COUNT-$mixback['logincount'])." times to try to login.";		//--
				}
			}
		}else{
			$error_message = 'the login password of '.$username. ' was invalid.';		//--
			$ins_log->funAddLoginLogTmp($username, date("Y-m-d H:i:s"), $_SERVER['REMOTE_ADDR']);
		}
	}else if(!$ins_user->checkUserSafe($arrUserData['id'])){	//--
		$error_message = $username." was not passed security authentication.";	//--
	}

	if(empty($error_message)){	//-- successfully login. write session
		/*--- session share data ---*/
		$arrUser=array();
		$arrUser['gid']		=$arrUserData['groupid'];	//--> add user groupid to session
		$arrUser['uname']	=$arrUserData['name'];		//--> add login name to session
		$arrUser['lan']		= DEFAULT_LAN;				//--> add default language to session
		
		if(!$ins_session->exist()){
			if(is_array($ins_session->start($arrUserData['id']))){
				$tmpid = $ins_log->addLogin($arrUserData['id'],date('Y-m-d H:i:s'), $_SERVER['REMOTE_ADDR']);//----- login log
				$arrUser['login_id']=$tmpid;	//--- add login ID to session
				$ins_session->add($arrUser);//--- add share data to session
				$ins_log->addLoginStatistic($arrUserData['id'],date('Y'),date('n'),date('j'));//-- record login statistic
				header("Location: ./index.php");
			}else
				echo "<script>javascript:alert(\"Login set failure. Please try to login again after that you reduse browser's security level. Any problems, Please contact administrater.\");window.location='./templates_en-US/login.htm';</script>";
		}else{
			header("Location: ./index.php");
		}
		exit();
	}else
		echo "<script>javascript:alert('$error_message');window.location='./login.php';</script>";
}

/*----- out html -----*/
$smarty = new Smarty();	//-- out template
$smarty->template_dir = TEMPLATE_SYS_DIR;
$smarty->compile_dir  = COMPILE_SYS_DIR;


$smarty->display('login.htm');
?>
